https://supertokens.com/ logo
f

FrAgOrDiE

05/11/2022, 3:05 PM
Hi there, for frontend calls I'm not using either fetch or axios. It's umi-request. Which is not including authentication headers automatically. We're trying to create a custom interceptor but I don't know how to get the plain access token in order to include it in the headers. How can I do this?
r

Romain

05/11/2022, 3:07 PM
You must set this on your session.init :
Copy code
Session.init({
            jwt: {
                enable: true,
            },
`
After you can get the JWT like this :
Copy code
app.get("/getJWT", verifySession(), async (req, res) => {
    let session = req.session;

    let jwt = session.getAccessTokenPayload()["jwt"];

    res.json({ token: jwt })
});
f

FrAgOrDiE

05/11/2022, 3:09 PM
Would this give me the payload or the actual token? 🤔
r

Romain

05/11/2022, 3:12 PM
The jwt
r

rp

05/11/2022, 3:12 PM
The actual access token is stored as httpOnly cookies. So you can't read it on the frontend.
there is another token that is sent called
front-token
which = to the access token's payload and that is sent as a header response. You can store that in localstorage or cookies and read the access token payload from there.
f

FrAgOrDiE

05/11/2022, 3:15 PM
is it
sIdRefreshToken
?
Nevermind, I suppose
sFrontToken
, which is returned on success login right?
r

rp

05/11/2022, 3:18 PM
yes. correct. It may also be returned during API calls that modify the access token's payload.